Home > @loopback/security > Subject
Subject interface
Subject represents both security state and operations for a single request. It’s the who for security.
Such operations include: - authentication (login) - authorization (access control) - session access - logout
Signature:
export interface Subject
Properties
| Property | Modifiers | Type | Description |
|---|---|---|---|
|
Set<Permission> |
An array of authorities granted by the user to the client application. One example is {@link https://tools.ietf.org/html/rfc6749#section-3.3 | oAuth2 scopes). | ||
|
Set<Credential> |
An array of credentials, such as password, access token, or private/public keys. | ||
|
Set<TypedPrincipal> |
An array of principals. It can include information about the current user, the client application, and granted authorities.
Such operations include: - authentication (login) - authorization (access control) - session access - logout |